|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [USN-74-1] Postfix vulnerability
From: Erwin Lansing (erwin
lansing.dk)
Date: Mon Feb 07 2005 - 08:18:23 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Mon, Feb 07, 2005 at 07:40:30AM -0500, Wietse Venema wrote:
> Erwin Lansing:
> > Actually, I experienced the same issue about 2 years ago on FreeBSD.
> > It is only a problem when an ip-address is specified and not when
> > specifying a full cidr. Apart from this issue being there since this
> > patch was available, it can only be a problem when appying unofficial
> > patches and not reading their docs.
>
> Details, please? I want to check this out in the IPv6 code that
> is now built into Postfix.
>
It's quite a while ago, but AFAIR specifying
permit_mx_backup_networks = 192.168.1.3
turned into an open relay while
permit_mx_backup_networks = 192.168.1.3/32
did not.
I guess Dean can provide more details.
Cheers,
-erwin
--
_._ _,-'""`-._
Erwin Lansing (,-.`._,'( |\`-/| erwinlansing.dk
http://droso.org `-.-' \ )-`( , o o) erwinFreeBSD.org
-bf- `- \`_`"'-
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (FreeBSD)
iD8DBQFCB3ivqy9aWxUlaZARAvUTAJ0SQS9XS3fZXToiGB6a3c+JNt4ywgCcDhgH
x8AcMnyJPVjChX9pcmxn+zA=
=N4E8
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]